[BUG]: Actions yaml files can be titled either action.yml or action.yaml but the scanner only accepts action.yml

[rossgrady]

Is there an existing issue for this?

• I have searched the existing issues

Description of the bug

error: parsedContent: Error parsing YAML content for streetsidesoftware/cspell-action/action.yml@main: Cannot read properties of undefined (reading 'length')

This is because that Action doesn't have an action.yml, it has an action.yaml

Per GitHub, here: https://docs.github.com/en/actions/sharing-automations/creating-actions/metadata-syntax-for-github-actions#about-yaml-syntax-for-github-actions

All actions require a metadata file. The metadata filename must be either action.yml or action.yaml

Steps To Reproduce

Scan any action repo (I'm using the scan-actions option) that contains an action.yaml instead of an action.yml

Additional Information

I apologize that this isn't coming in the form of a pull request. In looking at the code, the string action.yml is hard-coded in the fromUrl method in the Action Class -- https://github.com/snyk-labs/github-actions-scanner/blob/main/lib/actions.mjs#L334

But it's just passing that string to the ActionCache.findOrCreate method, which I think is just looking in the cache & creating a cache entry if one doesn't already exist.

The point where the action.yml is being parsed is further down, so there's a layer in there that I couldn't suss out how to navigate.

But one thing is clear: I'm getting around a 15% error rate in scanning a list of Actions, because that many Actions use action.yaml instead of action.yml -- so I figured I should open this issue, even if I can't propose a quick fix.